The GovLab SCAN – Issue 34

As part of the GovLab’s Living Labs on Smarter Governance project, this is our thirty-fourth edition of The SCAN – Selected Curation of Articles on Net-Governance. Feel free to share your suggestions with us at SCAN@thegovlab.org.

This week’s highlights:

Two significant legal developments in the privacy and surveillance sphere are being debated this week –the Cyber Information Sharing Act (CISA) within the United States, and the Data Retention and Investigations Powers (DRIP) Act within the United Kingdom. Critics fear both expand the surveillance powers of the state.

ICANN’s accountability is under global scrutiny with a proposal by the civil society Just Net Coalition for the BRICS countries (Brazil, Russia, India, China, and South Africa) to come up with a “new model for Internet governance”, and the French Senate publishing a proposal for a remodeled Internet Governance Forum (IGF) and a remodeled ICANN.

ICANN

In this blog post Catapano describes his own trajectory in becoming a participant in ICANN’s working group processes and states first that. “one of the best ways to fully understand how ICANN’s stakeholders create policy … is join an ICANN working group”. Catapano then describes the processes of an ICANN working group’s deliberations, the challenges and rewards of getting involved in a working group, and how newcomers can get involved in a working group (for example, by looking at the GNSO’s active working groups list, or the announcements for calls for volunteers).

Internet Governance

In the report (titled “New Role and New Strategy for the European Union in the Global Governance of the Internet”) by the French Senate calling for the reform of both the Internet Governance Forum (IGF) and of ICANN, there is a call for a “Franco-German alliance” as the “engine behind Europe’s ambitions of internet governance”. As part of a larger effort to coordinate the European approach to Internet governance, the report proposes two concrete industrial partnership projects: “a mobile operating system and a secure and open European Cloud”.

The U.S. Federal Communications Commission has received over 1 million comments on its proposed net neutrality rules, causing its electronic comment filing system to overload, and leading the FCC to extend its public comment period to accommodate more comments. This is the most comments ever received in an FCC rulemaking process. The New York Times comments that a sampling of the comments shows that a majority of submissions are asking the FCC to “take strong action to preserve net neutrality”. The FCC is expected to make a decision on open Internet rules by the end of 2014 or in early 2015.

The World Wide Web Foundation, the U.K. Law Society, the Financial Times, and others are criticizing the U.K. government for attempting to fast-track the Data Retention and Investigation Powers (DRIP) Act, in particular because the Act may greatly expand the surveillance powers of the U.K. government. Critics argue that such legislation needs proper parliamentary scrutiny, and point out, for example, that the Act may conflict with existing EU data surveillance laws.

The U.K. government is “fast-tracking” the Data Retention and Investigation Powers (DRIP) Act in Parliament this week. The bill is being introduced as an emergency response to the recent strike-down of “an EU-wide law forcing communications firms to hang on to subscriber data for law enforcement purposes” by allowing for “the interception of metadata for webmail and other web services”. However, the new bill may also “expand existing surveillance legislation so that interception warrants can be served on foreign communications companies”.

U.S. Attorney General Eric Holder announced on June 25th that “the Obama administration is seeking to extend to EU citizens several privacy protections in U.S. law, which today are only available to U.S. citizens and permanent residents”. The U.S. Department of Justice seeks to grant Europeans access to U.S. courts for certain privacy offenses under the Privacy Act of 1974 which currently only applies to U.S. citizens and permanent residents.

In a statement to the BRICS (Brazil, Russia, India, China, and South Africa) countries which this week held a summit in Brazil, the Just Net Coalition (a group of civil society organizations and representatives) has called for a “change in the global system of internet governance in light of revelations of mass surveillance”. The statement asks the BRICS to rebalance the “unipolar world” of Internet governance dominated by the U.S. The statement calls for a new model of Internet governance that recognizes human rights, freedom of expression, and the right to privacy, through, amongst other things, a Framework Convention on the Internet for the development of global Internet policies, and Memorandums of Understanding between the BRICS on science and technology cooperation.

A new website, “Hidden from Google”, is “archiving examples of internet censorship that are taking place” under the EU’s right-to-be-forgotten law. Roberts argues that the right-to-be-forgotten law is poorly thought-out, and that websites like “Hidden from Google” are “likely to add to the ongoing alarm and confusion over the new European law”.

Starting in September, a group of Google executives and legal experts –including CEO Eric Schmidt—will tour Europe as “part of the company’s response to a recent European court ruling that gives people the right to ask that links about themselves be removed from certain Internet searches”. The group will “look at how to balance individuals’ right to privacy with the people’s need for freedom of expression”, and is expected to produce a report next year “recommending how search engines should respond to the European court’s privacy ruling”.

The Cybersecurity Information Sharing Act (CISA) was marked up and modified by the Senate intelligence committee last week. Critics fear that the bill will give the National Security Agency (NSA) greater access to American data than it already has. The bill is intended to remove legal obstacles that block firms from sharing information about cyber-attacks with one another and with the U.S. government. However, it also allows this information to be shared with intelligence organizations such as the NSA. CISA would also create an amendment to the Freedom of Information Act (FoIA), causing great concern to transparency advocates and privacy rights activists.

A multistakeholder “Internet of Things Privacy Tech Working Group” will be formed to “identify the technical standards and best practices necessary to help enhance consumer privacy in the Internet of Things (IoT)”. The Working Group will investigate how the IoT will impact existing technical standards and specifications and will identify the appropriate organizations and institutions to develop solutions to protect user privacy. The Working Group’s output will be presented at the next IoT Privacy Summit in June, 2015.

The French Senate has released a proposal calling for greater oversight of ICANN through the creation of a “World Governance Council”. The World Governance Council would be born from the Internet Governance Forum (IGF), by providing the IGF with independent funding and tasking it with overseeing ICANN. The proposal also calls for ICANN to evolve into “WICANN” or “World ICANN”, which would be headquartered in Switzerland, and its actions would need approval from the World Governance Council. Van Gelder points out that this is one of many efforts by actors everywhere calling for greater accountability at ICANN.

Wilson –Director General of the Asia-Pacific Network Information Center (APNIC), a Regional Internet Registry (RIR)—discusses some of the key considerations of the NTIA/IANA transition, as well as some key pieces of the outcome of that transition. They include: technical stability and continuity of the IANA functions; separation of policy making and implementation via ICANN (that Wilson argues already exists); the definition of relationships between policy-makers and implementers (i.e. between the RIRs and ICANN); and ICANN’s accountability.

Internet Technology

This infographic released by ICANN explains “the role of the root zone, how it is managed, maintained and secured”. ICANN created the infographic as a way to explain to people how the Internet and the Domain Name System (DNS) works. ICANN will next make language translations of the infographic.

A group of companies working on Internet of Things (IoT) technologies have formed a non-profit called the Thread Group to “develop a new wireless standard for the Internet of Things”. Currently, there are multiple network protocols and standards for IoT technologies, resulting in a lack of interoperability between devices. Thread would be “a new IP-based wireless networking protocol, which will enable devices to connect into a more open, secure, and low-power wireless mesh network”.

Google’s new ‘Project Zero’ will recruit a team of hackers to “look at everything from accidental flaws in code, known as zero day bugs, to major government operations” as well as to make Google’s own services more secure, in order to protect Internet users from surveillance and cyber attacks.

Papers and Reports

This Netizen Report (published weekly) by Global Voices Advocacy provides “an international snapshot of challenges, victories, and emerging trends in Internet rights around the world.” In this week’s highlights: in China, information control around the 25th anniversary of the Tiananmen Square massacre has been “unusually erratic” as certain online services are blocked, unblocked, and then blocked again; the leading Turkish telecoms service provider (Turk Telekom) has been accused of purchasing equipment for monitoring social media and blocking websites; in Singapore, filesharing websites that can be used to share copyrighted material will be blocked at the end of August; in the Philipines, the government is seeking to increase the maximum fine for Internet service providers “delivering subpar Internet speeds”.

In this report Cowie compares the state of Brazil’s Internet ecosystem to that of South Africa –-another World Cup host country—and shows that Brazil’s Internet ecosystem is far more vibrant and independent than that of South Africa. For example, Brazil has a “network of provider-neutral Internet exchange points located in every major metropolitan area”, allowing Brazilian telecoms enterprises to register for Autonomous System Numbers (ASNs) and acquire their own Internet Protocol (IP) address spaces, thus maintaining provider independence, whereas South African telecoms enterprises tend to rely on the South African national telecoms service –-and are therefore not effectively autonomous, depending on a single Internet Exchange Point. Cowie shows that a diversity of local interconnection points helps the growth prospects of the local Internet ecosystem, and that this goes hand-in-hand with strong economic growth more generally.

This report examines “the protection and promotion of the right to privacy in the context of domestic and extraterritorial surveillance and/or interception of digital communications and collection of personal data, including on a mass scale”. The report will be presented this year to the Human Rights Council and also to the UN General Assembly in its sixty-ninth session. The full report, containing background and methodology, issues relating to privacy in the digital age, and conclusions and recommendations, is here.